Hi All,
Can anyone here please confirm if this is all I need to prevent Ransomware with my current Sophos AV module ?
Any comments and suggestion would be greatly appreciated.
Thanks
This thread was automatically locked due to age.
Hi All,
Can anyone here please confirm if this is all I need to prevent Ransomware with my current Sophos AV module ?
Any comments and suggestion would be greatly appreciated.
Thanks
[intended to reply earlier]
Hello S.E.
[is this] all I need to prevent Ransomware
your screenshot doesn't show the settings, please see the Ransomware: Prevention advice for the recommended ones (you could call them minimum requirements). This is not all I need to prevent though, there's no guarantee that this will detect each and every ransomware.
and hello Louis-M,
it won't catch any new variants until the signatures are updated
I beg to differ, at least the general statement as I understand it from the rest of your reply. Of course malware writers (try to) make sure that their software isn't detected, and the actual program might indeed not get caught - if it can make it to the computer. With the other components and features in the "classic" product there's a chance that one of the precursors is blocked. And even the "classic" Live Protection components make it harder for the malware writers to fully test their product against AV.
Thus it's not that regarding ransomware one is defenceless, least of all completely defenceless, without Intercept X.
[just my 2 cents]
Christian
HI Christian,
yes point taken and I adknowledge that you are better off with some than none and there is a good chance that it will catch it. The point I was referring to was when the wannacry outbreak occured, Sophos pushed out their signatures as quick as they could which probably would have let wannacry in on friday without detection but would have caught it on saturday.
For some, that might be an acceptable risk but for others maybe not and of course the bottom line is whether you can afford it too. We got hit by ransomware last year (even though we had Sophos) but we managed to catch it in time and had backups. It came in via an encrypted email and was activated by the user.
We've got the money so we're now investing in sandstorm and exploit protection which along with our policies and others, I'm hoping will negate the risk as much as we can.
HI Christian,
yes point taken and I adknowledge that you are better off with some than none and there is a good chance that it will catch it. The point I was referring to was when the wannacry outbreak occured, Sophos pushed out their signatures as quick as they could which probably would have let wannacry in on friday without detection but would have caught it on saturday.
For some, that might be an acceptable risk but for others maybe not and of course the bottom line is whether you can afford it too. We got hit by ransomware last year (even though we had Sophos) but we managed to catch it in time and had backups. It came in via an encrypted email and was activated by the user.
We've got the money so we're now investing in sandstorm and exploit protection which along with our policies and others, I'm hoping will negate the risk as much as we can.